Here is 2020 SPOTO Cisco 200-301 Latest Dumps Part I.

If you are interested

with full package. 100% Covered & Real.

Please Visit https://cciedump.spoto.net/

Contact Info:

Mail: support@spoto.net

Phone/WhatsApp: +86 18344981205

Most Important ! Thanks certcollection.org offer us this communication

platform. Use this Promotion code certcollection. You can get lowest price. Just for

certcollection members.

1. Which two capabilities of Cisco DNA Center make it more extensible? (Choose two.)

A. customized versions for small, medium, and large enterprises

B. adapters that support all families of Cisco IOS software

C. REST APIS that allow for external applications to interact natively with Cisco DNA

Center

D. modular design that is upgradable as needed

E. SDKs that support interaction with third-party network equipment

Correct Answer: CE

2. What is a benefit of using a Cisco Wireless LAN Controller?

A. Central AP management requires more complex configurations.

 B. Unique SSIDs cannot use the same authentication method.

C. It eliminates the need to configure each access point individually.

D. It supports autonomous and lightweight APs

Correct Answer: C

3. A router running EIGRP has learned the same route from two different paths. Which

parameter does the router use to select the best path?

A. administrative distance

B. cost

C. metric

D. as-path

Correct Answer: C

4. Which statement correctly compares traditional networks and controller-based

networks?

A. Only traditional networks natively support centralized management.

B. Only traditional networks offer a centralized control plane.

C. Traditional and controller-based networks abstract policies from device

configurations

D. Only controller-based networks decouple the control plane and the data plane

Correct Answer: D
5. Which network allows devices to communicate without the need to access the

Internet?

A. 172.9.0.0/16

B. 172.28.0.0/16

C. 192.0.0.0/8

D. 209.165.201.0/24

Correct Answer: B

6.

Which IPv6 address type provides communication between subnets and cannot

route on the Internet?

A. multicast

B. unique local

C. link-local

D. global unicast

Correct Answer: B

7. Which command prevents passwords from being stored in the configuration as

plain text on a router or switch?

A. enable secret

B. enable password

C. service password-encryption

D. username cisco password encrypt

Correct Answer: C
8. When a floating static route is configured, which action ensures that the backup

route is used when the primary route fails?

A. The administrative distance must be higher on the primary route so that the

backup route becomes secondary.

B. The floating static route must have a higher administrative distance than the

primary route so it is used as a backup.

C. The default information originate command must be configured for the route to

be installed into the routing table.

D. The floating static route must have a lower administrative distance than the

primary route so it is used as a backup.

Correct Answer: B

9.

Which two tasks must be performed to configure NTP to a trusted server in client

mode on a single network device? (Choose two.)

A. Enable NTP authentication.

B. Specify the IP address of the NTP server.

C. Disable NTP broadcasts

D. Verify the time zone.

E. Set the NTP server private key.

Correct Answer: AB
10. A network engineer must back up 20 network router configurations globally within

a customer environment. Which protocol allows the engineer to perform this

function using the Cisco IOS MIB?

A. SMTP

B. SNMP

C. ARP

D. CDP

Correct Answer: B

11. Router 1 has a Fast Ethernet interface 0/0 with IP address 10.1.1.1. The interface is

connected to a switch. This connection is then migrated to use 802.1Q trunking.

Which of the following commands could be part of a valid configuration for Router

1's Fa0/0 interface?

A. A. interface fastethernet 0/0.4

B. dot1q enable

C. dot1q enable 4

D. trunking enable

E. trunking enable 4

F. encapsulation dot1q 4

G. Both A and F

H. Both C and F

Correct Answer: G

12. Router R1 has a router-on-a-stick configuration with two subinterfaces of

 interface G0/1: G0/1.1 and G0/1.2. Physical interface G0/1 is currently in a

down/down state. The network engineer then configures a shutdown

command when in interface configuration mode for G0/1.1 and a no shutdown

command when in interface configuration mode for G0/1.2. Which answers are

correct about the interface state for the subinterfaces?

A. G0/1.1 will be in a down/down state.

B. G0/1.2 will be in a down/down state.

C. G0/1.1 will be in an administratively down state.

D. G0/1.2 will be in an up/up state.

E. Both A and C

F. Both B and C

Correct Answer: E

13. A Layer 3 switch has been configured to route IP packets between VLANs 1, 2

and 3 using SVIs, which connect to subnets 172.20.1.0/25, 172.20.2.0/25 and

172.20.3.0/25, respectively. The engineer issues a show ip route connected

command on the Layer 3 switch, listing the connected routes. Which of the

following answers lists a piece of information that should be in at least one of the

routes?

A. Interface Gigabit Ethernet 0/0.3

B. Next-hop router 172.20.2.1

C. Interface VLAN 2

D. Mask 255.255.255.0

Correct Answer: C

14. An engineer has successfully configured a Layer 3 switch with SVIs for VLANs 2

and 3. Hosts in the subnets using VLANs 2 and 3 can ping each other with the Layer

3 switch routing the packets. The next week, the network engineer receives a call

that those same users can no longer ping each other. If the problem is with the

Layer 3 switching function, which of the following could have caused the problem?

A. Six -- or more -- out of 10 working VLAN 2 access ports failing due to physical

problems

B. A shutdown command issued from interface VLAN 4 configuration mode

C. VTP on the switch removing VLAN 3 from the switch's VLAN list

D. A shutdown command issued from VLAN 2 configuration mode

E. Both C and D

F. Both B and D

Correct Answer: E

15. A LAN design uses a Layer 3 EtherChannel between two switches, SW1 and SW2,

with port-channel interface 1 used on both switches. SW1 uses ports G0/1, G0/2

and G0/3 in the channel. Which of the following are true about SW1's configuration
to make the channel be able to route IPv4 packets correctly?

A. The ip address command must be on the port-channel 1 interface.

B. The ip address command must be on interface G0/1 -- lowest numbered port.

C. The port-channel 1 interface must be configured with the no switchport

command.

D. Interface G0/1 must be configured with the routedport command.

E. Both B and D

F. Both A and C

Correct Answer: F

16. A LAN design uses a Layer 3 EtherChannel between two switches, SW1 and SW2,

with port-channel interface 1 used on both switches. SW1 uses ports G0/1 and

G0/2 in the channel. However, only interface G0/1 is bundled into the channel and

working. Think about the configuration settings on port G0/2 that could have

existed before adding G0/2 to the EtherChannel. Which answers identify a setting

that could prevent IOS from adding G0/2 to the Layer 3 EtherChannel?

A. A different STP cost (spanning-tree cost value)

B. A different speed (speed value)

C. A default setting for switchport (switchport)

D. A different access VLAN (switchport access vlan vlan-id)

E. Both A and C
F. Both B and C

Correct Answer: F

17. All 30 users on a single floor of a building are complaining about network slowness.

After investigating the access switch, the network administrator notices that the MAC

address table is full (10,000 entries) and all traffic is being flooded out of every port.

Which action can the administrator take to prevent this from occurring?

A. Configure port-security to limit the number of mac-addresses allowed on each port

B. Upgrade the switch to one that can handle 20,000 entries

C. Configure private-vlans to prevent hosts from communicating with one another

D. Enable storm-control to limit the traffic rate

E. Configure a VACL to block all IP traffic except traffic to and from that subnet

Correct Answer: A

18. Which two keying mechanisms are available within MACsec? (Choose

two.)

A. IKE

B. GDOI

C. SAP

D. MKA

E. Diffie-Hellman
Correct Answer: CD

19. Which two features are supported on the Cisco Adaptive Security Virtual Appliance?

(Choose two.)

A. high availability

B. EtherChannel

C. site-to-site VPN

D. PAK-based licensing

E. multiple contexts

F. clustering

Correct Answer: AC

20. Which type of authentication and encryption does SNMPv3 use at the authPriv

security level?

A. username authentication with MD5 or SHA encryption

B. MD5 or SHA authentication with DES encryption

C. username authentication with DES encryption

D. DES authentication with MD5 or SHA encryption

Correct Answer: B

21. Which identity store option allows you to modify the directory services that run on

TCP/IP?

A. Lightweight Directory Access Protocol

B. RSA SecurID server

C. RADIUS
D. Active Directory

Correct Answer: A

22. Which statement about system time and NTP server configuration with Cisco ISE is

true?

A. The system time and NTP server settings can be configured centrally on the Cisco

ISE.

B. The system time can be configured centrally on the Cisco ISE, but NTP server settings

must be configured individually on each ISE node.

C. NTP server settings can be configured centrally on the Cisco ISE, but the system time

must be configured individually on each ISE node.

D. The system time and NTP server settings must be configured individually on each ISE

node.

Correct Answer: D

23. Which option is required for inline security group tag propagation?

A. Cisco Secure Access Control System

B. hardware support

C. Security Group Tag Exchange Protocol (SXP) v4

D. Cisco Identity Services Engine

Correct Answer: B
24. Which protocol sends authentication and accounting in different

requests?

A. RADIUS

B. TACACS+

C. EAP-Chaining

D. PEAP

E. EAP-TLS

Correct Answer: B

25. Your company network security policy requires that all network traffic be tunneled

to the corporate office. End users must be able to access local LAN resources when they

connect to the corporate network. Which two configurations do you implement in

Cisco AnyConnect? (Choose two.)

A. split-exclude tunneling

B. local LAN access

C. static routes

D. Client Bypass Protocol

E. tunnel all

Correct Answer: BE
26. What advantage does elliptic curve cryptography have over RSA cryptography?

A. ECC compresses the enciphered data

B. ECC has wider industry adoption

C. ECC utilizes symmetric encryption for greater performance

D. ECC provides greater security with a smaller key size

Correct Answer: D

27. Which description of the Layer 4 traffic Monitor on a Cisco WSA is true?

A. monitors suspicious traffic across all the TCP/UDP ports

B. decrypts SSL traffic to monitor for malicious content

C. prevents data exfiltration by searching all the network traffic for specified sensitive

information

D. blocks traffic from URL categories that are known to contain malicious content

Correct Answer: A